The Reykjavík Metropolitan Police has not done any business with Hacking Team, the Italian surveillance software provider, whose leaked email correspondence and other data were published by Wikileaks on Thursday. This is according to a brief news release issued by the Police earlier today.
Late Thursday, Grapevine broke the news on email correspondence between a Reykjavík Metropolitan Police investigator and the Milan-based “offensive technology” software provider Hacking Team, wherein the officer declares interest in the company’s spyware, Remote Control System (RCS). The correspondence, which took place in 2011, was among over 400 gigabytes of the company’s data, compromised by hackers last weekend, then made accessible through Wikileaks on Thursday.
This afternoon, following coverage in all of Iceland’s major media, the Metropolitan Police issued a brief statement on the affair. While thereby confirming the veracity of the emails, they say that there was nothing “abnormal” about the inquiries made by the officer involved, explaining: “The fact is that the Police employ various sorts of equipment for investigation purposes, whereas this particular officer had been assigned with inquiring about the price and utility of equipment in a particular field, in which the aforementioned correspondence played a part.”
Remote Control System
RCS, the “equipment”, or software solution, in which the officer expressed “normal” interest, on behalf of the Police, is marketed as “the hacking suite for governmental interception”. It promises government agencies the possibility of monitoring all digital interaction of a target, regardless of device, operating system, or encryption, without, perhaps needless to say, the victim’s awareness.
Interviewed by RÚV on Thursday, Smári McCarthy, digital rights specialist and manager at Organized Crime and Corruption Project, said that according to his best knowledge, no government agency in the Nordic countries used any such equipment. “Many people despise these companies,” he said, referring to Hacking Team and their competitors at Finfisher, “because they basically focus on facilitating human rights violations. Some try to justify such operations by claiming they can be used to hinder organised crime and terrorism, but the fact is that until now no one has shown any results of using this sort of software for those purposes. It is known, however, that journalists, activists, politicians and others have been targeted through it”.
Whether Icelandic law enforcement agencies obtained any comparable equipment from any other source, after making enquiries at Hackingteam, has not been revealed.
The Hacking Team Leak
It was early Monday morning that the supposedly online security specialist company’s data started appearing online, distributed by hackers. Whereas this particular act of cyber-burglary was accompanied by a lot of jest, much of which can be found via the hashtag #IsHackingTeamAwakeYet, the company’s business portfolio is not all humorous. Whereas the company’s representatives have until now claimed that they do not sell its software to countries that abuse human rights, the company’s actual clients include secret service and law enforcement agencies of countries as varied as Uzbekistan, Sudan, Russia, Saudi Arabia, Luxembourg, Singapore, Ethiopia, Spain, South Korea, Poland and Thailand as well as the United States’ FBI, to name a few. Among these Sudan, Saudi Arabia and Ethiopia may be most notorious for their human rights violations.
In the wake of the leak, the company has asked all its client to cease use of their, now compromised, software.